<?php

namespace apiend\filters;

use Yii;
use yii\web\ForbiddenHttpException;
use yii\web\User;

/**
 * AccessControl provides simple access control based on a set of rules.
 *
 * @author Qiang Xue <qiang.xue@gmail.com>
 * @since 2.0
 */
class AccessControl extends \yii\filters\AccessControl {

    /**
     * @var array the default configuration of access rules. Individual rule configurations
     * specified via [[rules]] will take precedence when the same property of the rule is configured.
     */
    public $ruleConfig = ['class' => 'apiend\filters\AccessRule'];

    /**
     * Denies the access of the user.
     * The default implementation will redirect the user to the login page if he is a guest;
     * if the user is already logged, a 403 HTTP exception will be thrown.
     * @param User|false $user the current user or boolean `false` in case of detached User component
     * @throws ForbiddenHttpException if the user is already logged in or in case of detached User component.
     */
    protected function denyAccess($user) {
        if ($user !== false && $user->getIsGuest()) {
            $user->loginRequired();
        } else {
            if (!$user->getIsGuest()) {
                throw new ForbiddenHttpException('您已登录登录后无法进行该操作');
            }
            throw new ForbiddenHttpException(Yii::t('yii', 'You are not allowed to perform this action.'));
        }
    }

}
